CVE-2014-8727

medium

CVSS v3 Base Score

6.2

AV:L/AC:L/Au:S/C:N/I:C/A:C

EPSS Score

0.2%

Exploitation probability in 30 days

Top 63% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

Published: November 17, 2014 (4195 days ago)

Last Modified: May 6, 2026

Vendor: F5

Source: NVD

Description

Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tmui/system/archive/properties.jsp or (2) tmui/Control/form.

CWE

CWE-22

Affected Products

f5 big-ip local traffic manager

References

🔗 packetstormsecurity.com 🔗 www.exploit-db.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 exchange.xforce.ibmcloud.com

CVE-2014-8727

Vulnerability Report

Description

CWE

Affected Products

References